Merge pull request #2695 in SNORT/snort3 from ~SHIKV/snort3:snmp to master

Squashed commit of the following:

commit 35e3bfc98489be91544c74e671fc2eb31c7c4dc4
Author: shikv <shikv@cisco.com>
Date:   Sun Jan 10 16:57:40 2021 -0500

    appid: add support for snmpv3 report pdu

diff --git a/src/network_inspectors/appid/service_plugins/service_snmp.cc b/src/network_inspectors/appid/service_plugins/service_snmp.cc
index 8cfd50937b319b2a72aadd68138f80db8e5433d5..5da9594c9636b0ebb7cba1ec81752b8519f54b73 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_snmp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_snmp.cc
@@ -72,7 +72,8 @@ enum SNMPPDUType
     SNMP_PDU_TRAP,
     SNMP_PDU_GET_BULK_REQUEST,
     SNMP_PDU_INFORM_REQUEST,
-    SNMP_PDU_TRAPV2
+    SNMP_PDU_TRAPV2,
+    SNMP_PDU_REPORT
 };
 
 static const uint8_t SNMP_PATTERN_2[] = { 0x02, 0x01, 0x00, 0x04 };
@@ -489,7 +490,7 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args)
     }
     break;
     case SNMP_STATE_RESPONSE:
-        if (pdu == SNMP_PDU_GET_RESPONSE)
+        if (pdu == SNMP_PDU_GET_RESPONSE || pdu == SNMP_PDU_REPORT)
         {
             if (args.dir == APP_ID_FROM_RESPONDER)
                 goto success;
@@ -509,7 +510,7 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args)
             goto fail;
         break;
     case SNMP_STATE_R_RESPONSE:
-        if (pdu == SNMP_PDU_GET_RESPONSE)
+        if (pdu == SNMP_PDU_GET_RESPONSE || pdu == SNMP_PDU_REPORT)
         {
             if (args.dir == APP_ID_FROM_INITIATOR)
                 goto success;